SAML tokens embedded within proxy certificates isn't one of the "common denominators" identified by the pgi-wg as an "authz plumbing" (to borrow Morris' phrasing).

 

And if the point of the PGI-WG is to move forward in a unified direction with SAML instead of documenting the mish-mash myriad of ways for expressing the same thing that exist now, then 2.0 would be the place to hang your hat.

 

 

-Duane